NOSU[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NOSU.exe
Size

86KB
MD5

892272f4509f0b56c10e1e2535647f34
SHA1

f3344f7daaeb805c55912bbc0b753e2ffbcc5d1b
SHA256

f74e2b91042290f363b610e62eab1c5180ca644fdea2313bd5da1dbb86db7780
SHA512

ea7235250754dbdfc6fac4be8213a518c8338693abb9e28f890fecb5b91af5c5d8e753e6c7696713689a2f290293e16a100c248d4ebaf3063b2653f7625b3ed0
SSDEEP

384:mAtrT7Us9Lt4J2c+5cSjY4vbd/UUHVGWE00t2YWKm9DTUiJFnh:mU/7HEh0jYo98izh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NOSU.exe

Files

NOSU.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Couia\source\repos\DownloaderMalware\obj\Release\NOSU.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ